Ga naar hoofdinhoud
Uitloggen

Welkom bij Dell

Mijn account
  • Snel en eenvoudig bestellen
  • Bestellingen en de verzendstatus bekijken
  • Een lijst met producten maken en openen
  • Beheer uw Dell EMC locaties, producten en contactpersonen op productniveau met Company Administration.
Inloggen Een account maken Inloggen bij Premier Aanmelden voor partnerprogramma
Contact

Uw Dell.com-winkelwagentjes

Artikelnummer: 000225991

DSA-2024-253: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities

Samenvatting: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article content

Impact

Critical

Gegevens

Third-Party Component

 

CVEs

More information

Apache

CVE-2023-38709, CVE-2024-24795, CVE-2024-27316
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Apache Tomcat 

CVE-2024-23672, CVE-2024-24549
See NVD link below for individual scores for each CVE.

http://nvd.nist.gov/
This hyperlink is taking you to a website outside of Dell Technologies.

Bouncy Castle

CVE-2024-30172
See NVD link below for individual scores for each CVE.

http://nvd.nist.gov/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Cpio

CVE-2023-7207
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Commons Compress

CVE-2024-25710
See NVD link below for individual scores for each CVE.

http://nvd.nist.gov/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Containerd

CVE-2022-1996
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Curl

CVE-2024-2004, CVE-2024-2398
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Docker

CVE-2024-23651, CVE-2024-23652, CVE-2024-23653
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Glibc

CVE-2024-2961
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Less

CVE-2022-48624, CVE-2024-32487

See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

libncurses 

CVE-2023-45918 
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

libssh

CVE-2019-14889, CVE-2020-1730, CVE-2021-3634, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918 
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

libxml2

 

CVE-2024-25062
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

libblkid1

CVE-2024-28085
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Kernel

CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1086, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Krb5

CVE-2024-26458, CVE-2024-26461
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

NGHTTP2

CVE-2024-28182
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

Open JDK

CVE-2024-20918, CVE-2024-20919, CVE-2024-20921
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Open SSL

CVE-2024-0727, CVE-2024-2511
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Open SSH

CVE-2023-51385, CVE-2023-51767
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Postgresql

CVE-2024-1597
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Shim

CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Spring Framework

CVE-2024-22243, CVE-2024-22259
See NVD link below for individual scores for each CVE.

http://nvd.nist.gov/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Sudo

CVE-2023-42465
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Sysuser-shadow

CVE-2016-9566, CVE-2019-3698

 
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

util-linux

CVE-2024-28085
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

Vim

CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667
See SUSE link below for individual scores for each CVE.

https://www.suse.com/security/cve/
This hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies raadt aan dat alle klanten rekening houden met zowel de basisscore van CVSS als alle relevante tijdelijke en omgevingsscores die gevolgen kunnen hebben voor de mogelijke ernst van de specifieke beveiligingsproblemen.

Getroffen producten en herstel

CVEs 

Addressed 

Product 

Affected Versions 

Updated Version 

Link to Update 

CVE-2016-9566, CVE-2019-3698, CVE-2019-14889, CVE-2020-1730, CVE-2021-3634, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1086, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622, CVE-2022-1996, CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551, CVE-2022-48624, CVE-2024-32487, CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667, CVE-2023-7207, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316, CVE-2023-42465, CVE-2023-45918, CVE-2023-51385, CVE-2023-51767, CVE-2024-0727, CVE-2024-2511, CVE-2024-1597, CVE-2024-2004, CVE-2024-2398, CVE-2024-2961, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-22243, CVE-2024-22259, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-23672, CVE-2024-24549, CVE-2024-25062, CVE-2024-25710, CVE-2024-26458, CVE-2024-26461, CVE-2024-28085, CVE-2024-28085, CVE-2024-28182, CVE-2024-30172

Dell Secure Connect Gateway  

Version 5.22.00.18 

Version 5.24.00.14 or later 

https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers

CVEs 

Addressed 

Product 

Affected Versions 

Updated Version 

Link to Update 

CVE-2016-9566, CVE-2019-3698, CVE-2019-14889, CVE-2020-1730, CVE-2021-3634, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1086, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622, CVE-2022-1996, CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551, CVE-2022-48624, CVE-2024-32487, CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667, CVE-2023-7207, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316, CVE-2023-42465, CVE-2023-45918, CVE-2023-51385, CVE-2023-51767, CVE-2024-0727, CVE-2024-2511, CVE-2024-1597, CVE-2024-2004, CVE-2024-2398, CVE-2024-2961, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-22243, CVE-2024-22259, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-23672, CVE-2024-24549, CVE-2024-25062, CVE-2024-25710, CVE-2024-26458, CVE-2024-26461, CVE-2024-28085, CVE-2024-28085, CVE-2024-28182, CVE-2024-30172

Dell Secure Connect Gateway  

Version 5.22.00.18 

Version 5.24.00.14 or later 

https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers

Tijdelijke oplossingen en beperkingen

None

Revisiegeschiedenis

RevisionDateDescription
1.02024-06-11Initial Release
2.02024-06-12Updated table links
3.02024-06-12Updated wording for the versions affected

Verwante informatie

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Juridische informatie

Artikeleigenschappen

Getroffen product

Secure Connect Gateway, Secure Connect Gateway

Datum laatst gepubliceerd

12 jun. 2024

Artikeltype

Dell Security Advisory

Terug naar boven